Platform Security Engineer L3

Blackford Tech is seeking a Platform Security Engineer (L3) to lead the design, implementation, and ongoing development of our Microsoft security platform. This is a hands-on lead engineering role focused on building secure, scalable, and well-governed platform capabilities across Microsoft Sentinel, Defender XDR, Entra ID, endpoint security, and supporting Azure infrastructure.
The ideal candidate will take ownership of the Microsoft security platform foundation across multi-tenant environments, helping to ensure customer platforms are deployed consistently, configured correctly, and aligned with Blackford Tech standards. The role is suited to someone who is comfortable combining architecture, engineering, and platform governance in a practical, delivery-focused environment.

Requirements

The ideal candidate will own the architecture and development of Microsoft Sentinel workspaces within a multi-tenant model, ensuring they are secure, scalable, and operationally effective. They will lead the onboarding and configuration of Defender XDR technologies, including Defender for Endpoint, Defender for Identity, Microsoft 365 security, and Cloud Apps.
The role includes Entra ID security architecture, RBAC, and access segmentation, alongside endpoint security baselines, policy deployment, device onboarding support, and tenant configuration validation. The ideal candidate will also help drive consistency and maturity through infrastructure-as-code using ARM, Bicep, or Terraform, while supporting platform governance across cost, retention, and configuration standards.
As a lead engineer, the successful candidate will work closely with SIEM engineering, Detection Engineering and SOC operations teams to ensure the platform supports both current operational needs and long-term growth.
Requirements
We are looking for a candidate with 5+ years of experience in security engineering, platform engineering, or a similar role, with strong hands-on experience across Microsoft security technologies.

The ideal candidate should have experience in the following areas:

• Microsoft Sentinel architecture and administration, ideally in multi-tenant environments
• Defender XDR onboarding and configuration, including Defender for Endpoint and Defender for Identity
• Entra ID security architecture, RBAC, and access segmentation
• Endpoint security controls, policy deployment, and infrastructure-as-code
• Attack Surface Reduction configurations and Conditional Access Policies

Experience in managed services, enterprise security, or multi-tenant environments would be beneficial. Strong technical ownership, sound judgement, and the ability to maintain high engineering standards are important for success in this role.